discourse/lib/auth/discourse_id_authenticator.rb
Penar Musaraj d45ebd746c
DEV: Add Discourse ID authenticator (#33186)
Adds a Discourse ID authenticator. Not available for use in production
just yet, but soon communities will be able to use this service to let
users authenticate using a central Discourse ID account.

Includes support for a `/revoke` action, allowing users to log out of
multiple client instances from a central auth service.

Internal ticket: t/155397
---------

Co-authored-by: Loïc Guitaut <loic@discourse.org>
2025-06-17 09:47:00 -04:00


# frozen_string_literal: true
# Authenticator that lets users log in through the Discourse ID service
# using an OAuth2 flow. It is active only when the feature setting is on and
# both OAuth client credentials are configured (see #enabled?).
#
# Trust model visible in this file: the uid, username, email and image are
# taken from the provider's token response, and the email is reported as
# already verified (see #primary_email_verified?). Whoever controls the host
# returned by #site is therefore trusted for identity claims.
class Auth::DiscourseIdAuthenticator < Auth::ManagedAuthenticator
  # OmniAuth OAuth2 strategy for Discourse ID.
  class DiscourseIdStrategy < ::OmniAuth::Strategies::OAuth2
    option :name, "discourse_id"
    # Client credentials are presented with the :basic_auth scheme.
    option :client_options, auth_scheme: :basic_auth

    # Adds `intent=signup` to the authorize request when the incoming request
    # carries `signup=true`. The request value is only compared, never copied,
    # so the forwarded intent is always the fixed literal "signup".
    def authorize_params
      params = super
      params[:intent] = "signup" if request.params["signup"] == "true"
      params
    end

    # Overrides the inherited callback URL with one built from the site's
    # base URL plus the strategy's callback path.
    # NOTE(review): presumably this keeps the redirect URI tied to site
    # configuration instead of request-derived host data; confirm.
    def callback_url
      base = Discourse.base_url_no_prefix
      base + callback_path
    end

    # The stable identifier comes from the "info" object of the token
    # response. NOTE(review): a response without "info" raises NoMethodError
    # here, so the callback fails instead of producing a nil uid; keep that
    # fail-closed behaviour if this lookup is ever made nil-safe.
    uid { access_token.params["info"]["uuid"] }

    # Profile attributes, read from the same "info" object as the uid.
    info do
      profile = access_token.params["info"]
      {
        nickname: profile["username"],
        email: profile["email"],
        image: profile["image"],
      }
    end
  end

  # Provider key for this authenticator.
  def name
    "discourse_id"
  end

  # Human-readable provider name.
  def display_name
    "Discourse ID"
  end

  # True only when the feature is switched on AND both the client id and the
  # client secret are present; a missing credential disables the provider.
  def enabled?
    SiteSetting.enable_discourse_id &&
      SiteSetting.discourse_id_client_id.present? &&
      SiteSetting.discourse_id_client_secret.present?
  end

  # Base URL of the identity provider: the configured setting when it is
  # non-blank, otherwise the default service.
  # NOTE(review): no scheme or host check is applied to the configured value
  # in this method; confirm the setting is validated elsewhere, since the
  # client secret and the identity claims both depend on this host.
  def site
    configured_url = SiteSetting.discourse_id_provider_url.presence
    configured_url || "https://id.discourse.com"
  end

  # Registers the strategy with OmniAuth. Credentials and the provider URL
  # are read inside the setup lambda, i.e. when OmniAuth invokes it, not when
  # the middleware is registered.
  def register_middleware(omniauth)
    apply_site_settings = ->(env) do
      strategy_options = env["omniauth.strategy"].options
      strategy_options.merge!(
        client_id: SiteSetting.discourse_id_client_id,
        client_secret: SiteSetting.discourse_id_client_secret,
        client_options: {
          site: site,
        },
      )
    end

    omniauth.provider(DiscourseIdStrategy, scope: "read", setup: apply_site_settings)
  end

  # Always reports the provider-supplied email as verified, without looking
  # at auth_token: verification is delegated entirely to the provider.
  # NOTE(review): this is only as trustworthy as the host returned by #site;
  # confirm how the base authenticator uses a "verified" email before
  # allowing that host to be changed by less-trusted operators.
  def primary_email_verified?(auth_token)
    true # email will be verified at source
  end
end